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after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 
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Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the communication dated July 22, 2005 with the 
amendments to claims 1,16, 28, 32 and 33 and the addition of claims 34-36. 

2. Claims 1 -36 are pending. 

Specification 

3. The amendment to the specification dated July 22, 2005 has been entered. 

Response to Arguments 

4. Applicant's arguments filed July 22, 2005 have been fully considered but they are 
not persuasive. 

5. Applicant argues that the combination of Geiger with Cutaia does not teach or 
suggest each and every one of limitations in claims 1 , 16, 28 and 32-33. Specifically, 
Geiger does not teach or suggest directing the network connection to an enrollment 
module to register for the authentication certificate if the received certificate does not 
correspond to the authentication certificate, and Cutaia does not teach or suggest 
providing authentication certificate at the registration step and direct users to register for 
the authentication certificate using a user identity and private key. 

In response to applicant's arguments against the references individually, one 
cannot show nonobviousness by attacking references individually where the rejections 
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are based on combinations of references. See In re Keller, 642 F.2d 413, 208 
USPQ 871 (CCPA 1 981 ); In re Merck & Co., 800 F.2d 1 091 , 231 USPQ 375 (Fed. Cir. 
1986). 

The examiner maintains that Geiger does disclose enrolling and authenticating 
domain members and attributes (i.e. access rights) in col. 10, lines 32-37. However, he 
does not disclose directing to an enrollment module to register for the certificate if the 
authentication fails (as admitted in the previous Office action). Cutaia was brought in to 
address this missing limitation. 

Cutaia discloses the concept of directing either to the inquiry services (Fig. 2, 
element 208; i.e. targeted service) or registration services (Fig. 2, element 206) based 
on whether or not the customer's inquiry information contained "cookie" (page 5, 
paragraph [0040], i.e. a file loaded on user computer identifying the registration 
information), this cookie reads on authentication certificate. In other words, if the cookie 
is not included in the inquiry information (i.e. authentication fails), the system connects 
to enrollment services. In this paragraph [0040], Cutaia further discloses the registration 
information includes username and password (i.e. user identity and private key). 
6. As to claim 22, applicant argues that Bisbee is silent as to enabling enrollment for 
authentication certificates in situations where authentication fails. 

Again, in response to applicant's arguments against the references individually, 
one cannot show nonobviousness by attacking references individually where the 
rejections are based on combinations of references. See In re Keller, 642 F.2d 41 3, 



Application/Control Number: 09/922,440 Page 4 

Art Unit: 2137 

208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. 
Cir. 1986). 

Both Geiger and Cutaia do not disclose authentication certificate comprises at 
least one of an identity verification authentication certificate, an authorization certificate 
and a non-repudiation certificate. Bisbee was brought to address this limitation and 
Bisbee discloses explicitly authentication certificate comprises at least one of an identity 
verification authentication certificate, an authorization certificate and a non-repudiation 
certificate in col. 2, lines 46-64. 

7. The arguments on claims 28-31 are addressed the same as to above claim 1 . 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 1-2, 7, 10, 15-16, 21 and 32-33 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Geiger et al. (6,463,534) in view of Cutaia et al. 
(2002/0004390). 

a) As to claims 1 and 32-33, Geiger discloses a method of conducting 
transactions in a wireless electronic commerce system comprising receiving a certificate 
with indication of access rights (col. 11, lines 1-10) from the wireless terminal (Fig. 4; 
wireless device with certificates stored in WIM (WAP Identity Module or Wireless 
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Identity Module) (col. 11, line 64 to col. 12, line 8; col. 17, lines 14-17) communicates 
with attribute authorities); determining whether the received certificate corresponds to a 
service provider authentication certificate which identifies access rights for a targeted 
service (col. 12, lines 19-21); directing the network connection to the targeted service if 
the received certificate corresponds to the service provider authentication certificate 
(col. 14, lines 36-42). 

However, Geiger does not disclose directing the network connection to an 
enrollment module to register for the certificate if the received certificate does not 
correspond to the service provider authentication certificate. 

Cutaia discloses a method and system for managing telecommunications 
services and network interconnections comprising the step of directing to enrollment to 
register for registration information (i.e. file loaded on computer, known as "cookie", to 
identify registration information) if the received inquiry does not contain registration 
information (page 5, paragraph [0040]) which reads on the step of directing the network 
connection to an enrollment module to register for the certificate using a user identity 
and a private key (i.e. username and password) if the received certificate does not 
correspond to the service provider authentication certificate. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ to use of directing the connection to an enrollment module to 
register for the certificate if the received certificate does not correspond to the service 
provider authentication certificate in the system of Geiger, as Cutaia teaches so as to 
provide users with proper registration procedures before accessing services. 
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b) As to claim 2, Geiger discloses the step of providing a list of one or more 
available predetermined certificates to the wireless terminal (col. 6, lines 1-4). 

c) As to claim 7, Geiger discloses the step of receiving a certificate 
comprising receiving the certificate via a client certificate message issued by the 
wireless terminal (col. 13, lines 53-57). 

d) As to claim 10, Geiger discloses the access rights possessed by the user 
are stored as local certificates on a Wireless Identity Module (i.e. license certificate, col. 
5, lines 1 6-22; col. 11, line 64 - col. 1 2, line 8). 

e) As to claim 15, Geiger discloses the step of determining whether the 
received certificate corresponds to a service provider authentication certificate 
comprising comparing the received certificate to the service provider authentication 
certificate (col. 12, lines 19-21). 

f) As to claim 16, Geiger discloses a system of conducting transactions in a 
wireless electronic commerce system comprising a service module from which a service 
provider avails the secure service to the user of the wireless terminal (Fig. 4, elements 
404-406). 

However Geiger does not disclose an enrollment manager to effect user 
registration to the secure service using a user identity and a private key and a switch 
module coupled to receive a security certificate in establishing a connection wherein the 
switch module directs the connection to either the service module or the enrollment 
manager depending on the security certificate. 
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Cutaia discloses a method and system for managing telecommunications 
services and network interconnections comprising an enrollment manager to effect user 
registration to the secure service using a user identity and a private key (page 5, 
paragraph [0040]), i.e. username and password) and a switch module to direct the 
connection to either the inquiry services (Fig. 2, element 208; i.e. service module) or the 
enrollment manager (Fig. 2, element 206) depending on the registration information (i.e. 
file loaded on computer, known as "cookie", to identify registration information) (page 5, 
paragraph [0040], i.e. the certificate). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ to use of having a switch module coupled to receive a security 
certificate in establishing a connection wherein the switch module directs the connection 
to either the service module or the enrollment manager depending on the security 
certificate in the system of Geiger, as Cutaia teaches so as to provide users with proper 
registration procedures before accessing services. 

g) As to claim 21 , Geiger discloses the security certificate comprises an 
authentication certificate (col. 16, lines 42-44). 

10. Claim 22 is rejected under 35 U.S.C. 103(a) as being unpatentable over Geiger 
et al. (6,463,534) in view of Cutaia et al. (2002/0004390) and further in view of Bisbee et 
al. (6,367,013). 



Application/Control Number: 09/922,440 Page 8 

Art Unit: 2137 

Geiger discloses authentication certificate, however he does not disclose the 
authentication certificate comprises at least one of an identity verification authentication 
certificate, an authorization certificate and a non-repudiation certificate. 

Bisbee discloses a system and method for electronic transmission, storage and 
retrieval of authenticated electronic original documents wherein the authentication 
certificate comprises at least one of an identity verification authentication certificate, an 
authorization certificate and a non-repudiation certificate (col. 2, lines 46-64). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ to use of authentication certificate comprising an identity verification 
authentication certificate, an authorization certificate and a non-repudiation certificate in 
the system of Geiger and Cutaia, as Bisbee teaches so as to provide the requisite 
security for electronic wireless transaction. 

11. Claims 28-31 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Rajan et al. (6,633,910) in view of Geiger et al. (6,463,534) and further in view of Cutaia 
et al. (2002/0004390). 

a) As to claim 28, Rajan discloses a system of gathering data and 
transmission over wired and wireless network connections comprising a wireless 
network including a plurality of wireless terminals operable therein (Fig. 1, elements 13, 
39, 41 and 43); a network of computing systems (Fig. 1 , elements 11, 15) wherein at 
least one of the computing systems comprises a server computing system (Fig. 1 , 
elements 21 , 23, 25) hosting a secure service (col. 4, line 61 to col. 5, line 5) targeted 
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by at least one of the wireless terminals (Fig. 2) and wherein at least one of the 
computing systems comprises an enrollment server (Fig. 1, element 33; col. 6, lines 12- 
16; col. 7, lines 10-13; col. 10, line 57) to effect user registration to the secure service; a 
gateway computing system configured to bridge communications between the wireless 
network and the network of computing systems (Fig. 1, element 37). 

Rajan discloses digital authorization certificates, secure digital signature forms 
may be held in the content servers, however, Rajan does not disclose a network switch 
coupled to receive an authentication certificate utilized by a wireless terminal in 
establishing a connection with the network of computing systems, wherein the network 
switch switches the connection to the server computing system or the enrollment server 
depending on the authentication certificate utilized by the wireless terminal in 
establishing the connection. 

Geiger discloses a system of conducting transactions in a wireless electronic 
commerce system comprising authentication certificate utilized by a wireless terminal 
(Fig. 4; wireless device with certificates stored in WIM (WAP Identity Module or Wireless 
Identity Module) (col. 11, line 64 to col. 12, line 8; col. 17, lines 14-17) in establishing a 
connection with the network of computing systems. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ to use of utilizing authentication certificate by a wireless terminal in 
establishing a connection with the network of computing systems in the system of 
Rajan, as Geiger teaches so as to securely provide accesses to services using 
authentication certificates. 
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However Rajan and Geiger do not disclose a network switch coupled to receive 
an authentication certificate utilized by a wireless terminal in establishing a connection 
with the network of computing systems, wherein the network switch switches the 
connection to the server computing system or the enrollment server depending on the 
authentication certificate utilized by the wireless terminal in establishing the connection. 

Cutaia discloses the concept of switching either to the inquiry services (Fig. 2, 
element 208; i.e. server computing system) or registration services (Fig. 2, element 206) 
based on whether or not the inquiry information from customer contained registration 
information (i.e. file loaded on computer, known as "cookie", to identify registration 
information) (page 5, paragraph [0040], i.e. the certificate) and using a user identity and 
a private key (i.e. username and password) to effect user registration. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ to use of having a network switch coupled to receive an 
authentication certificate utilized by a wireless terminal in establishing a connection with 
the network of computing systems, wherein the network switch switches the connection 
to the server computing system or the enrollment server depending on the 
authentication certificate utilized by the wireless terminal in establishing the connection 
in the system of Rajan and Geiger, as Cutaia teaches so as to provide users with proper 
registration procedures before accessing services. 

b) As to claim 29, Geiger discloses the gateway computing system 
comprises a comprises a Wireless Application Protocol gateway (Fig. 1 , element 18), 
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and at least the wireless terminal establishing the connection with the network of 
computing system comprises a WAP-compliant terminal (Fig. 1 , element 1 1 ). 

c) As to claim 30, Rajan discloses the WAP-compliant terminal comprises 
one of a wireless telephone, personal digital assistant, wireless pager and wireless 
laptop computer (col. 1, lines 45-48). 

d) As to claim 31 , Rajan discloses the network of computing systems 
comprises the Internet ((Fig. 1 , element 1 1 ) and wherein the Wireless Application 
Protocol is used to communicate between the wireless terminal and the Internet (Fig. 1 , 
element 37). 

Allowable Subject Matter 

12. Claims 3-6, 8-9, 11-14, 17-20, 23-27 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all 
of the limitations of the base claim and any intervening claims. 

1 3. Claims 34-36 are allowed. 

The prior arts of Rajan et al. (6,633,910), Geiger et al. (6,463,534), Cutaia et al. 
(2002/0004390) and Bisbee et al. (6,367,013) do not disclose the system of claim 34 
wherein an authentication certificate identification module delivers the plurality of 
authentication certificates to the wireless terminal with a preferred order indication 
identifying a preferred order of use for connecting to the secure service and a compare 
module coupled to receive an authentication certificate from the wireless terminal 
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corresponding to the highest order authentication certificate available at the wireless 
terminal based on the preferred order indication. 

Conclusion 

14. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

1 5. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dieu Nguyen whose telephone number is 571-272- 
3873. The examiner can normally be reached on M-F 6:00-2:30. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 571-272- 
2100. 




Minh Dieu Nguyen 

Examiner 
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